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Abstract — Traditional network security protocols depend 
mainly on developing cryptographic schemes and on using 
biometric methods. These have led to several network security 
protocols that are unbreakable based on difficulty of solving un- 
tractable mathematical problems such as factoring large integers. 

In this paper, Security of Networks Employing Encoding and 
Decoding (SNEED) is developed to mitigate single and multiple 
link attacks. Network coding and shared capacity among the 
working paths are used to provide data protection and data 
integrity against network attackers and eavesdroppers. SNEED 
can be incorporated into various applications in on-demand TV, 
satellite communications and multimedia security. Finally, It is 
shown that SNEED can be implemented easily where there are k 
edge disjoint paths between two core nodes (routers or switches) 
in an enterprize network. 

I. Introduction 

Internet Service Providers (ISP) and Internet Traffic Engi- 
neering (ITE) aim to provide fast, reliable, quality of demands, 
and differentiated services for demanding users. Such services 
can be deployed at the IP, physical, and application layers. 
Several security schemes and network protection strategies 
have been proposed during the last two decades to protect op- 
erational networks against link failures, node attacks, increased 
overhead and congestion. The goal in this paper is to provide 
novel strategies for network security services against attacks 
and eavesdroppers by deploying network coding and shared 
capacity. The strategies can be deployed to protect network 
traffics between core nodes such as routers or switches. 

Protection of communication networks against network at- 
tacks and failures are essential to increase robustness, reliabil- 
ity, and availability of the transmitted data. The attacks may 
also occur at various network layers, including the physical, 
IP, or application layers [13], [16]— [18]. Also, network attacks 
can occur due to vulnerable network configurations or due 
to transmitting insecure data. These problems have received 
significant attention from researchers and practitioners, and a 
large number of techniques have been introduced to address 
such problems. In the other side, traditional network security 
schemes depend mainly on developing cryptographic protocols 
or on using biometric methods. Essentially, cryptographic 
protocols are considered unbreakable based on difficulty of 
solving mathematical problems such as factoring large inte- 
gers [17], [18]. 

Network coding is a powerful tool that has been recently 
used to increase the throughput, capacity, and performance 
of communication networks. Information theory aspects of 
network coding have been investigated in [ 1], [7], [8] and [20]. 
It certainly can offer benefits in terms of energy efficiency, 




Fig. 1. n links are shared between sets of senders and receivers. One link 
is used for data integrity and message authentication. The trusted party can 
be a router (or switch) to send and receive messages. 



additional security, and delay minimization. Network coding 
is used to detect adversaries [ 1 0] and to protect packets against 
network attackers and injectors [5], [9], [12]. Network coding 
can be also used to enhance security and protection [12], [14]. 

In this paper, we propose an approach for light-weight 
network security that is based on network coding. We develop 
a scheme called SNEED, Security of Networks Employing 
Encoding and Decoding, in order to protect transmitted data 
between sets of senders and receivers. For one path that has 
been attacked (eavesdropped) between a sender and receiver, 
one backup path is provided, in which it will carry encoded 
data from sources to receivers. 

II. Network Model and Assumptions 

In this section, we describe the network model and basic 
assumptions. The node can be a router, switch, or an end 
terminal depending on the network model and transmission 
layer. 

A. Network Model 

i) Let Af be a network represented by an abstract graph 
G = (V, E), where V is a set of nodes and E is 
a set of undirected edges. Let S = {s l7 s 2 ,...} and 
R = {r l7 r 2 ,...} be sets of independent sources and 
destinations, respectively. The set V = VUSUR contains 
the relay nodes, sources, and destinations as shown in 
Fig. 1. Assume for simplicity that |5| = \R\ = n, and 
hence the number of sources is equal to the number of 
receivers. Assume also that the senders (receivers) are 
connected by a super sender (receiver). 

ii) A connection path Li is a set of edges connected to- 
gether with a starting node (sender) and an ending node 
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(receiver). The paths L = {Li, L 2 , ■ ■ ■} carry data from 
the sources to the receivers. Connection paths are link 
disjoint and provisioned in the network between senders 
and receivers. All connections have the same bandwidth, 
or otherwise a connection with a high bandwidth can be 
divided into multiple connections, each of which has the 
unit capacity. 

iii) Every sender will send a message m\ to the receiver 
r, at time t\ in the round I in the cycle 5, for all 
1 < i < n. A receiver r. t receiving a message m\ is 
able to detect whether the message has been altered by 
using any authentication or signaling protocols. Further 
details regarding this model, definition of the working and 
backup paths, and the normalized capacity can be found 
in [2] and [3]. 

iv) Enck and Dec k represent the encryption and decryption 
algorithms with a shared symmetric key k, respectively. 

B. Senders and Receivers Packets 

Every sender Si prepares a packet packet Si ^ ri sent to the 
receiver rj. The packet contains the sender's ID Si , data mf, 
and time for every round and cycle t\. There are four types 
of packets that carry the data: 

i) Plain Packets. Packets sent without network coding or 
encryption, in which the sender does not require to per- 
form any coding or encrypting operations. For example, 
in case of packets sent without coding, the sender s ; sends 
the following packet to the receiver re 

packets,^, ■■= (IDs^m^tg) (1) 

ii) Encoded Packets. Packets sent with encoded data with- 
out encryption, in which the sender requires to perform 
other sender's data. For example, in case of packets sent 
with encoded data, the sender Si sends the following 
packet to receiver re 

packet Si _ yr! := (ID Sil ^ mj,t e s ), (2) 

where S is the set of sources sending plain messages. 

iii) Encrypted Packets. Assume there is a shared symmetric 
key between a sender Si and receiver r^. In this case the 
sender Si will send the packet packet Si ^ Ti as follows: 

packet Si -> rz := (ID 3i ,Enc ki (rr4),t e s ). (3) 

This packet carries an encrypted message without encod- 
ing. 

iv) Encoded and Encrypted Packets. Packets sent with 
encoded data with encryption, in which the sender needs 
to protect other senders' data. For example, in case of 
packets sent with encoded encrypted data, the sender Si 
sends the following packet to receiver re 

packet Si _, ri := (ID Sz , ^ x e J7 t e s ). (4) 

SjES 



The value y l = YSj=i,j& x j> where = Enc kj (m^), is 
computed by every sender Si, in which it is able to collect 
the data from all other senders and encode them by using 
the XORed operations. 

C. Attackers Model 

We represent an attacker model as follows. There are 
two types of attacks in which the network security services 
must overcome: Active (intruders) and passive (eavesdroppers) 
attackers [19]. We also assume that t different attackers have 
access to t channels among all n channels L\, L 2 , . ■ ■ , L n at 
a certain round time, for t > 1. This is similar to an attacker 
accessing t channels. Multiple attackers which attack the same 
channel are represented by one attacker. 

i) The passive attacker is able to eavesdrop on the transmis- 
sion between the senders and receivers. A passive attacker 
such as an eavesdropper should not learn any information 
even if it can have a copy of it. 

ii) The active attacker can modify or fabricate messages 
throughout a cycle. This occurs by injecting new data 
(coefficients) at the relay nodes of data sent by the 
sources. This can occur also over the shared links. In 
addition, an active attacker will not be able to change or 
fabricate information, and affect the system resources due 
to the network security strategies. 

This attacker model is similar to the attacker model de- 
scribed for wiretapping channels as stated by many authors [6], 
[20]. 

III. Data Security Against A Single Attacked Path 
By Using Shared Keys And Network Coding 

In this section, we consider the case of a single active 
attacker, i.e., t = 1. We will assume that there are shared 
symmetric keys between the senders and receivers. Also, the 
receivers are able to detect messages that have been modified 
by the attackers using hashing functions like MD5 or SHA- 
1; fabricated messages can be detected by using sequence 
numbers between the senders and receivers [17], [18]. 

Let ki be a shared symmetric key between Si and r^. This 
key can be distributed by using a Trusted Third Parity (TTP). 
In this case, the senders exist in a secure domain as well as the 
receivers. Let Xi be the encrypted message from the sender Si 
to the receiver by using the shared key ki. Thus, 

x\ = Enc ki {m\) (5) 

A. Encoding Operations: The encoding operations are done 
as follows. At every round time, n — 1 senders will send 
their own data with full capacity over n — 1 paths that are 
established from the sources to the destinations. Also, these 
n — 1 sources will exchange their data with exactly one source 
node Si that will send the Xored encoded data over a shared 
link Li. This process is explained in Eq. (6) in Table 1.; and 
we call it (SNEED) against a single attacked path (SAP). 
The data is sent in rounds for every cycle. Also, we assume 
that the attacker can affect only one path throughout a cycle, 
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TABLE I 

The encoding operations of SNEED 
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Fig. 2. n shared links between a set of senders and a set of receivers. One 
link is used for data integrity and authentication. A path is a set of links 
connecting a set of nodes (routers or switches). A software management to 
solve a commodity problem can be used to provision a set of link disjoint 
paths between two core nodes in a given network topology. 



but different paths might suffer from different active attackers 
throughout different cycles. In this case, throughout of one 
cycle consists of n rounds, yj's for 1 < j < n are defined 
over F2 as 

j — 1 71 

Vj=Y. x ^ 1 ® Y 4- (?) 

i=l i=J+l 

The senders send packets to the set of receivers in rounds. 
Every packet initiated from the sender s; contains ID Si , data 
x l s , and a round t e s . For example, the sender Si will send the 
encrypted packet Si yr( as follows. 

packet Si >ri = (ID Si ,x s .,t s ). (8) 

Also, the sender sj will send the encoded encrypted data y Sj 

as 

packet Sj __ = ( ID Sj ,y Sj ,tg). (9) 

We ensure that the encoded data y s is varied per one round 
transmission for every cycle. This means that the path Lj 
is dedicated to send only one encoded data y 3 and all data 

3 ' 3 1 ' * ' 1 x j ■ 

The data transmitted from the sources do not experience any 
round time delay. This means that the receivers will be able to 
decrypt the received packets online and immediately recover 
the attacked data. In Eq. (6), the active attacker can break only 
one message per one attacked working path. A generalization 
of this scheme is presented in Section V where the active 
attacker(s) has access to t multiple channels simultaneously. 

Lemma 1: The normalized network capacity according to 
Eq. (6) is {n — 

Proof: The proof comes from the fact that only one 
encoded packet is sent over one channel throughout every 
round per cycle. Therefore, there are (n — 1) plain packets 
sent over n channels. ■ 

B. Decoding and Data Integrity Operations: The decoding 
operations are done as follows. Every receiver r, will receive 
a message x\ over the link Li. Once the attack occurs at a link 
L^ then the receiver that receives yg over the path Li will be 
used for data integrity and recovery. 



In case the attacker modifies the message, the receiver n 
will know about the modified message by using MD5 hashing 
function, so 7^ will ask other receivers to send their messages 
to recover the modified message. 

n n 
h=l,h^i h=j+l,h^i 

The receiver will decrypt the message xj by using its 
symmetric key ki, i.e., mf = deckiixf). 

IV. SNEED without Sharing symmetric Keys 

In this section, we propose to use network coding to secure 
the traffic between the senders and receivers against active 
attackers, where no symmetric keys are shared. Assume a 
network with n connections shared between n senders and 
receivers. We will assume that every sender will be able to 
combine packets from other receivers to hide its own data. 
For example, the sender Sj will send the encoded message y. t 
to the receiver r-j over the link i,. 

We will design a security scheme by using network coding 
against an entity which can not only copy or listen to the 
message, but also can fabricate new messages or modify the 
current ones. In this model we do not assume pre-shared secret 
keys between the senders and receivers. Also, the message is 
still secured against attack's fabrication and modification. 

A. Network Security Codes and SNEED 

We will define network security codes for SNEED and 
study their properties. We assume there is a super sender 
S that sends n different messages over disjoint paths to n 
receivers as shown in Fig. 2. Furthermore, the receivers can 
communicate with each other by using a trusted party. The 
goal is to provide collaborative security for the n messages 
against eavesdroppers, intruders, and malicious attackers. We 
will develop SNEED over the binary field, hence the fastest 
encoding and decoding operations are used. 

One useful application of SNEED is the case of sending 
multimedia and TV streams over a public network as in the 
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TABLE II 

Best known SNEED codes over F 2 [II] 
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Internet. Such streams must be processed online with fast 
encoding and decoding operations, in addition to the security 
operations. Let d be the minimum distance defined as in the 
notion of error correcting codes [4], [11], [15]. 

Definition 2 (SNEED): An [n, k, d]2 network security 
code is a fc-dimensional subspace of the space F£ that secures 
k information symbols (messages) by mapping them into n 
mixed symbols, and can recover from upto d— 1 compromised 
(attacked) channels. Furthermore, the code is generated by a 
nonsystematic matrix G of size k x n defined over F2. 



G 



(aw 912 
321 321 



9ln\ 

92; 



(ID 



\9kl 9k2 ■ ■ ■ 9knJ kxn 

We will use the nonsystematic classical binary error cor- 
recting codes in the construction of SNEED [11], [15]. The 
encoding scheme of such codes is given by 
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(12) 



The encoding message yj, for 1 < j < n , is defined by 



Vj XX'' 



(13) 



working paths that will carry k source data. The result is a 
consequence by dividing by the total number of channels n. 

■ 

Table II presents the best known SNEED for certain number 
of channels defined over F2. 

We have 77 — k lockers' channels, in which they carry redun- 
dant data, in this model. From the proposed code construction, 
we ensure that t = d — 1 < 77 — k, where t is the number 
of compromised (attacked) channels. This is actually a direct 
consequence of the Singleton bound [11], [15]. 

B. Decoding Operations of SNEED 

The decoding operations at the receivers side are guaran- 
teed once a system of t linearly independent equations is 
established in t unknown variables. Let t attackers can access 
t disjoint channels and alter the transmitted messages. We 
assumed that the receivers are located in a trusted domain, 
therefore they can trust and exchange protected messages with 
each others. 

The system can be solved by using, for example, Gauss 
elimination method. By definition of SNEED, the matrix G 
has dimension of k. Furthermore, the receivers will know the 
number and position of the channels that have been attacked. 
In this case the decoding operations are achieved by using the 
well known decoding methods for erasure channels, see [11]. 

The following example illustrates the proposed model. 

Example 4: Assume we have a connection Li between a 
sender s, and a receiver for i = 1,2,3 and 4. Furthermore, 
the channel L 4 is used as a lock (redundant) path. Without 
loss of generality, we can assume that the four senders send 
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(14) 
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We also assume that the attacker affects only one of channels 
Li,L 2 or L3. In this example the SNEED can be stated as 
follows. There are three working paths and one lock path. The 
security scheme is given by 
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(15) 



If the channel L 2 is compromised, then the decoding can be 
done by using Gauss elimination method over the channels 
Li,L 3 and L 4 . Adding yi, y 3 and j/ 4 will give mi, then 
substituting in y\ and y 3 will give 777 2 and 7773. 



i=i 



Lemma 3: The normalized capacity of the network utiliz- 
ing SNEED is given by fc/77. 

Proof: By the definition of the network security code, 
there are 77 — k redundant symbols that are used to recover 
from up to d — 1 attached channels. Therefore there are k 



V. SNEED over Higher Finite Fields 

In this section, we study security of networks employing 
encoding and decoding, SNEED, against multiple link attacks. 
We propose SNEED over a finite field with q elements to 
achieved this goal. In this scheme is an extension of the 
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scheme presented in Section III, where the encoding and 
decoding operations are defined over the binary field. Assume 
t be the number of compromised channels. One can design a 
matrix Q over F q such that k = n — t paths will carry secure 
data. Let a be a primitive element in F q . The matrix Q is 
defined by 
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(16) 



The matrix G has rank k = n — t. Clearly a finite field 
with q > n .— t + 1 is sufficient for the encoding and decoding 
operations. The encoding operations are done by using the 
following encoding scheme. 
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By this construction, if there are up to t attacked paths, then 
the system of n — t x n — t equations is solvable. This is due 
to the fact that the remaining matrix can be reduced to the 
Vandermond matrix [11, Chapter 4] . 
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VI. Conclusion 

Network coding as a promising tool offers benefits for 
enhancement and supplement of network security services. 
In this paper, we presented schemes for enhancing network 
security using network coding and joint capacities. We demon- 
strated the encoding and decoding operations of the proposed 
SNEED and showed that it can be deployed over a network 
with ?? senders and n receivers. Furthermore, SNEED is robust 
against active and passive network attacks. Our future work 
will include practical aspects of the proposed schemes. 
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